tv ABC 7 On Your Side News Special ABC August 23, 2015 9:00am-9:31am EDT
morris: this week on which is responsible for its caption content and accuracy. visit ncicap.org] a cyber attack on the irs was much more damaging than first expected. what's next or the agents the -- ? e agency >> a consumer might have taken three or four months to go to the paperwork and certifications that needed to be done, whereas today, we can turn around a procurement in the same day or a couple of days. morris: what's behind the first government reselling project? >> this is a group that includes a lot of associations, and they are essentially keeping pressure on congress. morris: lawmakers might be on vacati, but interest groups are engaged in a full scale tug-of-war. "goverernment matters" starts right now. viewers around the world on the american forces network and here in the nation's
capital, thanks for joining us. government is the engine that runs this city. that's why "government matters." every week, we bring you the top headlines in tech, security, and management. i'm your host, morris jones. another week, anothebreach, this time at the irs. agency officials first reported the attack in may, but it's larger than they thought. hackersattached -- accessed senensitive inforormatn on hundreds of tusands of taxpayers. diane: for the federal government, call in n a bad case of deja vu. first opium, now the irs reveals a hack that was larger than expected -- first opm, now the irs. it's nearly triple their initial 330 4000o at least people. >> "groundhog day," it is. it's now outime to stand up and say enough is enough. we've had so many hacks. how many more people can be breached?
diane: social security numbers and other data stolen from multiple sources to get past the multistep process and get past the agency's application, allowing users to view past tax returns. to those affected, the bad guys ll have much more detailed information about your life, such as your salary or marital status, making it easier to file false returns in the future. >> we do not know what they will do with that information, and that's what makes it so terrifying. diane: the irs got hacked despite a gao audit. the irshdog pointed at had not always effectively implementedccess and other controls to protect confidentiality, integrity, and ailability o of its financial systems and inforormation. ganotes progss had been weaknesses inys the i' and oer security programs increase the reason -- the risk taxpayer or other security
information could be disclosed or modified without authorization. the agency also plans to provide fortity protection pin's next year's tax returns, but is it enough? >> the irs requires us to give them this information, so we should be requiring of them that they protect it to its fullest. they should include everything including firewalls, password authentication and protection. last of all, it includes encryption. we should be demanding it of these agencies. diane: the agency says it will provide credit monitoring to those affected, and they identified another 170,000 that wereattempts unsuccessful. still, it says they will mail alerts to those people as well to let them know they could be at risk. governmenttreds of employees, i including some in e white house, congress, and law enforcement, use internet connections in their federal offices to access and pay
membership fees to the cheating website ashley madison. risk, as tjsecurity holmes reports. t.j.: website ashley madison, famous for encouraging users to secretly cheat on their spouse. >> life is short. have an affair. itshas been caught wi pantnts down after a gup dumped 1010 gigabytes of private user information on the dark web, reportedly including 3million e-mail addresses, nine point x million transactions, plus partial credit card --ormation's, street names, partial credit card inrmation and street names. the hackers threatened to publish names and nude photos andss ashley madison another site owned by avid life media are taken down. >> online extortion is something that is easy to do with a very high return and very low risk. t.j.: coming on the heels of
other high-profile attacks, this appears to be motivated by ideological differences. the impact team putting out a statement saying, "we haveve deceit, andfraud, stupidity of avid like media and their members. now everyone gets to see their data." morris: and contracting headlines, fcw reports the deadline has passed for protesting the pentagon plus new deal. "the washington post" reports a tech contractor based in virginia will merge with arlington software firm island data. the new company will be able to work across 49 states.s. data center company spent $3266 million on carpathian, a cloud service provider. s will now beqt able to compete for big, federal cloud contracts. gethub's first government
reselling project. this month positive to solutions announced a will provide that have enterprise to their -- they tol provide github services guess the customers. >> its most well-known for the online software collaboration platform where more than 10 million users across 25 million project collaborate on software. github.com the government agencies can install. morris: governmentwide acquisition contracts have aot to do with this partnership. i would like to read an excerpt from d.o.t.'s press release. b in customers will also have access to gwac's. tell us more
>> as most people probably know, government contracting is s a vy different animal than the private sector works when you are a government agency modernto bring on software, there's a little bit of a language barrier. a government agency might try to procure an online public engagement platform, what you or i might call a website. by having someone in d.c. that speaks the language of government argument, we make it easier for government agencies to bring on best-of-breed software development tools. morris: why was this not done in the papast? >> government paperwrwork. boxes to be checked. we've gotten a lot of feedback from customers that what might ve taken three or four months to go through the various paperwork and certifications that needed to be done, whereas today we can turn around a procurement in the same day or a couple of days at most. morris: by partnering with one company, does github risk alienating others?
>> we chose d.o.t. because we thought there was a really great opportununity for customers. they have a strong background in open source selling products like red hat, and also as a ,ackage of tools for customers so that it can become the one-stop shop for government aencies looking to bring on privatate-sector software development workflow and pipeline to their agency. an interesting question was raised -- why would agencies want to use github e enterprise when the standard version is so popular? the are more than 100 resitories and thousands of federal users. how would you answer that? >> github.com is ed by thousands of government agencies to work th software developers out in the open to make government software better, but not all government software is ready to be open source. or government agencies that have specific compliance requirements
or for whatever reason cannot trust t cloud, a shared tent environment with their code, enterprise allows them to install it behind their firewall where they can meet certain requirements and integrate witih their existing manament systems. morris: let's take a step back to look at the big picture. to overly complicated federal regulations make partnerships like this necessary, meaning companies know the system, github avoids a lot of paperwork, and everyone is happy? is that about right? >> from my experiee, trying to buy private-sector tools, the government sector is optimized fofor battleships and aircraft carriers, but the system does not scale down. github.com is mostly free or starts at $300 per year, and y u a three or four-month procurement only two by $300. hopefully, we will be able to
in "security matters," the tug-of-war. it is august recess on capitol hill. the senate floor is quiet, but lawmakers offices are witnessisg a flood ofction for groups that support and oppose the cyber security information act -- information sharing act. a group called fight for the futurere wants facebook and gooe to join theirr cause.
>> this is a group that includes tanks,f privacy think the american civil liberties union, access groups like that. they somewhat famously work sending faxes to members of congress -- were sending faxes to members of congress right before the august recess, and they turn their attention to large data service providers saying that they stand to share a lot of information with the government if this bill passes. there could be personally identifiable information in error about their customers and want the dozens, and they them to -- about citizens, and they want them to get off the sidelines. morris: on the other side is a coalition called protecting america's cyber networks, and they want lawmakers to finish the bill. who are they, and what steps have they taken? >> this group defends a lot of major business associations a are essentially keeping pressure on congress, telling them a want them to pass this in september as promised, and they also want
to take this away from privacy groups. they say it's not about sharing personal information but about sharing threat indicators. they are sayg it'not about personal information. morris: the ceo of the financial services roundtable defended cisa this month. nty: opponents say they do not like the bill because they think the government will share personal information. it's important to distinguish we are not talking about sharing personal information. we're talking about sharing cycyber threat information. it should be called the cyber teamwork bill. that would be a betttter label r it. morris: he may have a poi. privacy groups disagree. allowsment says cisa vast amounts of persala ata to be shared with the government, even that whihich is not necessy to identify or responto a cyber security threat because it permits companies to leave personal and identifying information in indicators it shares with the government.
who is telling the truth? >> tough to tell until the billl is in its final form. one thing that has irked privacy advocates a lot is that the bill does not say precisely what a cyber threat indicator is. there's a reason to have ambiguity because it could be different things at different times, but they say there's no hard and fast assurance that people's personal information will not bincluded in what is shared with the government, and it's also not clear exactly what the govement will be allowed to use the information for until the bill reaches its final form. there were some amendments for congress left for recess that would have expanded the number of rings they could do with this bill -- expanded the number of things they could do with this bill. we will not really know until we get a final bill and he gets an up-and-down vote on the floor how much information couldld ben it. covered the "new york times" report about the f fairvw program. in 2011, at&t started forwarding more than one million e-mails a day to nsa headquarters in
maryland. will this make the effort to sell cisa more difficult? is it even fair to link these issues? >> to the extent that it keeps the nsa in the news. isot of people said as cisa working its y to passage, that's the roadblock. that i is what needs to be seriously debated. it took a lot of work to make nsa reform happen, so the more people are thinking about nsa reform, the more difficult it will be for congress to seriously consider passing this, so the m more pressure there wil be to step back k from it. morris: i think you are exactly right. congress has struggled to pass substantial cyr legislation for years. do you think cisa has what it tatakes? >> it's not clear. nsa reform passes, that passed at a point when bill collection becauseady been stopped they had passed a deadline.
there was a lot of momentum behind that to get it passed, and it was still incredibly difficult. the idea that cisa could reach that is very far from m assuredt this point. morris: good to get your insight. thanks again. speaking of momentum, there's a lot of buzz around the term "category management" that could change the way opm t tras billions of federal l workers. wereak down age matters."
morris: in management matters, human capital training solutions . the office of personnel management and general services administration just released a request for proposals. they want to help agencies produce a world-class workforce and hieve their mission goals. for more, i'm joined by jimm williams, former acting admiministrator at gsa.
tell us more about this. what is it about and how much is it worth? jim: i think this is a a great gsa,vement by opm and coming together. this is part o of gsa's category management, the stragic sourcingffort that has been going on across government. this is in the services area, particularly in human capill and training services. getting g to this point, to put this large are a the out is a success story -- t--put this large rfp out i is a success story. opmpm originally releasedd a solicitation for a new training ctract in 2012, but facece11 protests s the between may and julyly of 2015 -- of 23. sounds like a mess. what is different this time around? jim: what is different is they are papartnering with gsa. opm has new people on this, but top-notchch are
procurement people. what they have really done zynga h the private sector as opposed to not talking to them -- what they have really donone is engad the private sector as opposed to not talking to them. i think this will be a success story. morris:: to an outsider, it sees strange that the officef personnel managent needs to outsource training and developing. why are they not equipped to train their own people? a policy and more oversight orgaganization, and ty should not duplicate what is readily available in the private sector. a lot of companies do a great job in this area of providing customized training, providing human capital strarategies and organizational performance improvement strategies. morris: t that makes sense. i want to talk about this attempt to streamlinene category management. what happened to strategic sourcing? isis gsa rebranding, or is
category management entirely different? jim: to me, it's just another name for strategic sourcing, but hasink category management taken hold. it's trying to leverage that horizontals been -- horizontal non-dod-typeof the ending. how do we approach that in a different way, looking at the strategies of who is buying it, hohomany vehicles are outhere, how you leverage the knowledge ross a government so the government can be a smararter buyer. tech andn the world of government, where do you see things in about t six or 10 mons ? getting better, about the same? have we plateaued? are you optimistic? jim: i think the government has look atwn term, and you what gsa has done, and this should be a prime example. this allows for interactive
communications with the private sector, and i think that should become a modeland i think there's more and more a desire to partner with industry, listen to them, and communicate with them, and that's a great thing. you talk to leaders around the world. can they learn from us? jim: we try t to talk to other countries to make sure they can replicate what we do. we have a fully transparent, open, competitive system that emphphasizes best value for the taxpayer. that's what we try to sell acrosshe world is the best thing you can do for your government mission and for your taxpayers. morris: defense secretary asked carter
women,: for military history is made. for the first time, two female soldiers have passed the grueling 62-day army ranger training program. secretly a sense of pride, and i say secretly because we cannot really cheer these females on. it's definitely a humbling experience to say back and see these women come through. barbara: even after all the hard training, the pentagon still will not let women actually joined the elite 75th ranger regiment, one of the nation's premier special operations unit. that decision must be made by january. army women say they want no special treatment. amber smith flew helicopters and iraq and afghanistan. amber: there has to be a mission standard, not a gender standard. it needs to be straight across the board, and then needs to be
that physical and mental strength to accomplish the mission. large-scale entry into whileat zone under fire executing surgical raids on targets to take out any threats is her expertise. ? w hard is ranger school 400 students started. only 96 graduated. of the 19 women who began, 16 dropped out. one is still working to get through the programming. little sleep and food is just the beginning. soldiers must do o 49 push-ups,9 setups, a five-mile run in the foot march inile three hours, parachute jumps, helicopter assault, and days of mock combat patrol. the army's top general has yet to make his recommendations about it women will actually be andwed to serve as rangers in other front-line combat units. >> i want to take a hard line
look at all that and make sure e standards are being met in the readiness force. there's no doubt in my mind that women can engage in ground combat with the enemies of our nation because they have done it. that's the latest from washington. thanks for watching. we know your week is filled with other matters. save this half hour for us. [captioning performed by t national captioning institut whicis responsible for its caption n content and d accucy. visit ncicap.org]
>> a 911 cal >> what were you thinking when it took 27 minuteses for an ambulance to get to you? do you fl like public safety is being jeopardized? >> i do. >> and improvised explosive device took his leg from the knee dow >>e shld have been rated higher for some of his injuries. it was an unexpected and unbebelievable find. >> i believee were meant to find this. > [captioning performed by the national captioning institute, which is responsible for its caption content and accuracy. visit ncicap.org] reporter: abc 7